#web

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Service Suite Vulnerabilities: Use of Less Trusted Source, Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling'), Integer Overflow or Wraparound, Out-of-bounds Write, Allocation of Resources Without Limits or Throttling, Exposure of Sensitive Information to an Unauthorized Actor, Memory Allocation with Excessive Size Value, Out-of-bounds Read, Uncontrolled Resource Consumption, Improper Resource Shutdown or Release, Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to compromise the confidentiality, integrity, or availability of affected devices. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports the following products are affected: Service Suite: Versions 9.8.1.3 and prior 3.2 VULN...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MACH GWS products Vulnerabilities: Improper Neutralization of Special Elements in Data Query Logic, Improper Limitation of a Pathname to a Restricted Directory, Authentication Bypass by Capture-replay, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject code, read or modify files, hijack user sessions, or access exposed ports without authentication. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Hitachi Energy products are affected: MACH GWS: Version 2.1.0.0 (CVE-2024-4872, CVE-2024-3980) MACH GWS: Versions 2.2.0.0 to 2.4.0.0 (CVE-2024-4872, CVE-2024-3980) MACH GWS: Versions 3.0.0.0 to 3.3.0.0 (CVE-2024-4872, CVE-2024-3980, CVE-2024-3982) MACH GWS: Versions 3.1.0.0 to 3.3.0.0 (CVE-2024-7940) 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER NEUTRALIZ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: Relion 670/650/SAM600-IO Series Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 2. RISK EVALUATION Successful exploitation of this vulnerability can allow an attacker to reboot the device and cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports the following products are affected: Relion 670/650/SAM600-IO series: Versions 2.2.2.0 up to but not including 2.2.2.6 Relion 670/650/SAM600-IO series: Versions 2.2.3.0 up to but not including 2.2.3.7 Relion 670/650/SAM600-IO series: Versions 2.2.4.0 up to but not including 2.2.4.4 Relion 670/650/SAM600-IO series: Versions 2.2.5.6 up to but not including 2.2.5.6 Relion 670/650/SAM600-IO series: 2.2.0.x Relion 670/650/SAM600-IO series: 2.2.1.x 3.2 VULNERABILITY OVERVIEW 3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-12...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: ABB Equipment: Automation Builder Vulnerabilities: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to overrule the Automation Builder's user management. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Automation Builder are affected: Automation Builder: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732 The affected products store all user management information in the project file. Despite the password data being fully encrypted, an attacker could try to modify parts of the Automation Builder project file by specially crafting contents so the user management will be overruled. CVE-2025-3394 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/...

How do you profile actors and defend your systems when multiple threat actors are working together? In Part 2, Cisco Talos proposes an extended Diamond Model to analyze complex relationships between attackers.

Threat actors are teaming up, splitting attacks into stages and making defense harder than ever. In Part 1, Cisco Talos examines their tactics and defines their motivations.

Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions. This issue affects Apache Superset: through 4.1.1. Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue.

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** In a web-based attack scenario, an attacker could host a website or server that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?** The word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.

Out-of-bounds read in Windows Transport Security Layer (TLS) allows an unauthorized attacker to deny service over a network.